cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
553
Views
9
Helpful
7
Replies

pls help w/ password

cisco steps
Level 1
Level 1

I deleted a sheet of passowrd for my cisco router. now no access. the router are remote. anyone can help or suggest something, I am not in good position now

7 Replies 7

Lucien Avramov
Level 10
Level 10

Here is the password recovery procedure for the majority of the routers / switches:

http://www.cisco.com/en/US/products/sw/iosswrel/ps1831/products_tech_note09186a00801746e6.shtml

thanks I do know that . need someting that can help w/ remote

Thanks

one of my senior tech , was able to get the config form the router . he said that since there is an ftp enable on one of the router , he was able to get the config from there , then use

http://www.ifm.net.nz/cookbooks/passwordcracker.html

to crack the password

do you know what exactely was done ..

A couple of possible things:

1. For how to copy the configuration:

-the router had tftp server enabled, and the config was copied from tftp

-ip rcmd was enabled on the router, and via rsh the show run was taken, providing that password was known

-http server was enabled and the login / password was different than the router password, if for example router is using AAA server for login and http is using a local login/password.

-Via SNMP, with the CISCO-CONFIG-COPY-MIB, snmpset commands were initiated to the router to upload the configuration to an ftp server.

-Old IOS was using the ftp server functionality:

http://www.cisco.com/en/US/docs/ios/11_3/feature/guide/ftpserve.html

There may be other ways, not that I know of.

2. Once the configuration was retrieved, the MD5 hash was decoded. You should use the command service password-encryption to prevent this to happen.

Provided the platform and version I may be able to help further.

Lucien

how do you copy the config from tftp server on the router. I think that is the metod that he used...i will do some reading about ip rcmd and the http server.

via SNMP ?..how does this work and done.

who ever said " you learn from your mistakes" is right , I would not feel Bad...

Thanks Lucien

Lucien,

I did find this link. I tried to follow the steps but no luck/

http://www.cisco.com/en/US/tech/tk648/tk362/technologies_configuration_example09186a0080094aa6.shtml#NetPro

can you help.

Thanks

For the tftp part, that is a little tricky, the way I know how to do it is: login another router and issue the command copy tftp: flash:, then indicate the router you lost the password as the tftp server. You need to know what is the filename defined on the router for the config, and that is not something you can actually guess easily if you have not configured it yourself.

For the snmp part, you need to know the RW community string. In the link posted, the example is using private, if snmp was configured on this router, it may have a different community string as it's defined by the user.

If you find an old configuration archived somewhere, that will help you a lot.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: